Restaurant Depot customers are reporting phishing emails sent from what appears to be the wholesaler's mailing list.
On Tuesday, customers took to Twitter with queries concerning strange emails that landed in their inboxes which appeared to be from Restaurant Depot.
The phishing emails, as basic as they are, inform customers that they have an invoice worth thousands of dollars to pay, and the amount will be taken out of their accounts in the near future.
Based in College Point, NY, Restaurant Depot is a members-only wholesale cash & carry provider of goods to commercial food service entities including equipment, point of sale (PoS) systems, and refrigeration units.
As the case with phishing emails in general, the link to the 'invoice' is malicious and recipients of the messages, which make use of a spoofed Restaurant Depot email address, should not click the link or pay the email any heed.
An example of the phishing email forwarded to ZDNet is below, and included the spoofed Restaurant Depot firstname.lastname@example.org email address, the customer's trading name, and address (redacted):
Another example posted online demanded an invoice payment of $1924.04. Some customers have received more than one suspicious email.
On Twitter, one user said they had managed to get through to the company and that the wholesaler is aware of the email list compromise, adding "It's pretty big, the breach."
Update 7.19 BST: ZDNet requested comment from Restaurant Depot and received the following boilerplate statement:
"Thank you for contacting us regarding the email you received that appears to be from us indicating an invoice is due. That email is NOT from us. Please delete it without opening. Please be assured that we are taking steps to find the culprit and will do everything in our power to prevent this from happening in the future. Thank you as always for your business."
Previous and related coverage
- Cyberattackers now pose as business executives to secure security certificates
- 700,000 Choice Hotels records leaked in data breach, ransom demanded
- DK-Lok data breach exposes global enterprise client data, internal emails
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0